Move create_temp_file() out of #ifdef ENABLE_CRYPTO

By using get_random() instead of prng_bytes(), we no longer have to place
create_temp_file() inside #ifdef ENABLE_CRYPTO.

The resulting filename now has 62 bits of entropy (2 * [0-INT_MAX])
instead of the previous 128 bits, but that should be plenty.  Assuming an
int is 32 bits, we would need about 2**31 (2147483648) files to have a
(roughly) 0.5 chance of failing in one of the 6 attempts we do.

(This is preparing to move the function out of misc.c, where I'd prefer to
not have to add a #include "crypto.h".)

Signed-off-by: Steffan Karger <steffan.karger@fox-it.com>
Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <20170725210234.5673-1-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg15146.html
Signed-off-by: David Sommerseth <davids@openvpn.net>
(cherry picked from commit cd5a74d0d7c6347b31e261e98ca8984819e594df)

diff --git a/src/openvpn/misc.c b/src/openvpn/misc.c
index 0adb164e49a28794c237ff354ab138f264d6b766..cd12f9186223d59c8580f2dc8f55f4611311d105 100644 (file)
--- a/src/openvpn/misc.c
+++ b/src/openvpn/misc.c
@@ -808,8 +808,6 @@ test_file(const char *filename)
     return ret;
 }
 
-#ifdef ENABLE_CRYPTO
-
 /* create a temporary filename in directory */
 const char *
 create_temp_file(const char *directory, const char *prefix, struct gc_arena *gc)
@@ -822,15 +820,11 @@ create_temp_file(const char *directory, const char *prefix, struct gc_arena *gc)
 
     do
     {
-        uint8_t rndbytes[16];
-        const char *rndstr;
-
         ++attempts;
         ++counter;
 
-        prng_bytes(rndbytes, sizeof rndbytes);
-        rndstr = format_hex_ex(rndbytes, sizeof rndbytes, 40, 0, NULL, gc);
-        buf_printf(&fname, PACKAGE "_%s_%s.tmp", prefix, rndstr);
+        buf_printf(&fname, PACKAGE "_%s_%08lx%08lx.tmp", prefix,
+                   (unsigned long) get_random(), (unsigned long) get_random());
 
         retfname = gen_path(directory, BSTR(&fname), gc);
         if (!retfname)
@@ -861,6 +855,8 @@ create_temp_file(const char *directory, const char *prefix, struct gc_arena *gc)
     return NULL;
 }
 
+#ifdef ENABLE_CRYPTO
+
 /*
  * Prepend a random string to hostname to prevent DNS caching.
  * For example, foo.bar.gov would be modified to <random-chars>.foo.bar.gov.